EUVD-2025-31660

Malicious code in bioql PyPI...

CVE-2025-59954

Knowage is an open source analytics and business intelligence suite. Versions 8.1.26 and below are vulnerable to Remote Code Exection through using an unsafe org.apache.commons.jxpath.JXPathContext in MetaService.java service. This issue is fixed in version 8.1.27...

CVE-2025-59954

Knowage is an open source analytics and business intelligence suite. Versions 8.1.26 and below are vulnerable to Remote Code Exection through using an unsafe org.apache.commons.jxpath.JXPathContext in MetaService.java service. This issue is fixed in version 8.1.27...

Knowage 安全漏洞

Knowage is an open source suite for modern business analytics on legacy resources and big data systems from Knowage, Italy. A security vulnerability exists in Knowage 8.1.26 and earlier versions, which stems from the use of an insecure org.apache.commons.jxpath.JXPathContext and could lead to...

CVE-2025-59954 Knowage Contains a Remote Code Execution Vulnerability

Knowage is an open source analytics and business intelligence suite. Versions 8.1.26 and below are vulnerable to Remote Code Exection through using an unsafe org.apache.commons.jxpath.JXPathContext in MetaService.java service. This issue is fixed in version 8.1.27...

CVE-2025-59954 Knowage Contains a Remote Code Execution Vulnerability

Knowage is an open source analytics and business intelligence suite. Versions 8.1.26 and below are vulnerable to Remote Code Exection through using an unsafe org.apache.commons.jxpath.JXPathContext in MetaService.java service. This issue is fixed in version 8.1.27...

PT-2025-39922

Name of the Vulnerable Software and Affected Versions Knowage versions 8.1.26 and below Description Knowage is an analytics and business intelligence suite. Versions 8.1.26 and below are susceptible to Remote Code Execution due to the use of an unsafe org.apache.commons.jxpath.JXPathContext in th...

GHSA-WRX5-RP7M-MM49 Withdrawn: CVE Rejected: JXPath vulnerable to remote code execution when interpreting untrusted XPath expressions

This advisory has been withdrawn due to the CVE being rejected. Original advisory text Those using JXPath to interpret untrusted XPath expressions may be vulnerable to a remote code execution attack. All JXPathContext class functions processing a XPath string are vulnerable except compile and...

PT-2022-5014 · Apache · Apache Commons Jxpath

Name of the Vulnerable Software and Affected Versions: Apache Commons JXPath affected versions not specified GeoServer versions prior to 2.23.6, 2.24.4, and 2.25.2 hermes-management versions prior to 2.2.9 Description: The issue is related to the application of external input for class selection ...